How to Back Up Your Two-Factor Authentication Codes

Two-factor authorisation (also known as 2FA) is a very useful tool to prevent hackers from gaining access to your account. Many apps have sprung up that can store all your 2FA codes in one place. Instead of hunting around various 2FA devices and apps to get your login code, you simply boot the app and check the code for the site you want to access.

While very useful, this causes a problem. What if you want to upgrade your phone and want an easy way to port all of the codes from the old device to the new? Even worse, what happens when you lose your phone and all the codes with it? In these cases it’s best to back up 2FA codes so you can recover them at a later date.

What’s Being Backed Up?

The concept of backing up 2FA codes may sound a little absurd. After all, they expire after thirty seconds have passed – why are we bothering making backups of them? The good news is we haven’t gone mad! We’re not backing up the actual codes – we’re making a backup of the “seed” used to make them.

When you use a 2FA code generator, the codes that are being created are based off a “seed.” This seed is known both by your device and the login server you set up 2FA with, and it dictates what codes are generated at what times.

When you use a code to log in to a service, the login server checks the code you supplied to the one your seed created. If they match, it’s clear you’re the real deal, and the login server lets you in.

As such, if you make a backup of these seeds, you can reproduce the code generator on any device you like. That way you don’t have to worry about setting up 2FA on all of your sites with your new device; just give it the seeds, and it’ll produce the codes you need.

Backing Up Codes in Authy

If you use Authy for your 2FA verification, backing up is very easy. Authy comes with a cloud backup option, which automatically keeps tabs on your codes and keeps them safe on their servers.

To activate the cloud backup, first press the three dots at the top-right, then press “Settings.” Here, go to the “Accounts” category. Find the switch for “Backups” and enable it. You’ll be asked for a password for your backups. Enter the password twice to enable cloud backups.

When you use a fresh Authy install, you can log in with the same account you used before. Authy will then ask you for the password to unlock your backups. Once entered, everything should be back to normal!

Backing Up Codes in LastPass Authenticator

With LastPass Authenticator, you would have been asked to do backups when you installed the app. If you said no to this, or you simply can’t remember what you said, it’s easy to enable LastPass’ cloud backup feature.

To do this, tap the three bars at the top-left of the LastPass main screen, then tap “Settings.” You should find an option called “Backup to LastPass.” Tick this box. LastPass will then ask you to download the Password Manager app in order to store your backup. Once this is downloaded and installed, you can set up the backup using LastPass.

When it’s time to use the backup, simply install the app and run it. The very first choice the app gives you includes restoring from a backup, so use that and log back in to get your codes back.

Backing Up Codes in Google Authenticator

Unfortunately, Google Authenticator has no way to back up the codes. If you lose your phone for any reason, you’ll need to contact each site you used with the authenticator to have it removed from your account. You can put Google Authenticator on your new phone by going to the two-step verification page and clicking “Change Phone” under the Authenticator category.

If you want an authenticator that can back up 2FA codes, and you like Google Authenticator’s method of scanning QR codes, you’ll be pleased to know that Google is not the only one that uses this technology. Apps like Authy and LastPass Authenticator can scan QR codes in place of Google Authenticator and back up the codes to their own server. If you prefer to have more control, you can use Authenticator Plus which allows you to back up your codes to your own Google Drive or Dropbox account.

Use a Password Manager

In addition to the authenticator app, some password managers come with support for two-factor authentication, too. Password managers like 1Password and Enpass are a good choice.

Do Your Own Backup!

Of course, if password managers can store QR codes for later use, there’s nothing stopping you from doing the same. Every time you use a QR code to set up an authenticator, take the time to save the backup code somewhere safe. You need to make sure nobody (other than you) can find them, else they can scan the codes themselves and get access to all of your 2FA seeds!

Keeping Codes Safe

Two factor authentication is a great way to keep your devices safe, but if you lose the app holding it, it’s hard to get everything back to normal. Now you know some ways to back up 2FA codes for various apps.

One comment

A word of the wise for LastPass users with both an Enterprise and a linked personal account. Be sure that you choose to backup your codes when you’re logged into the personal account. The reason is if you should leave your company or they disable your Enterprise account you will lose access to that backup. if you use your personal to back it up you will have access to all the codes however there’s no risk to the company because they will have disabled your Enterprise account.